Security News

Ukraine's CERT Thwarts APT28's Cyberattack on Critical Energy Infrastructure
2023-09-06 08:02

The Computer Emergency Response Team of Ukraine on Tuesday said it thwarted a cyber attack against an unnamed critical energy infrastructure facility in the country. "Visiting the link will download a ZIP archive containing three JPG images and a BAT file 'weblinks.cmd' to the victim's computer," CERT-UA said, attributing it to the Russian threat actor known as APT28.

Major US Energy Company Hit by QR Code Phishing Campaign
2023-08-24 21:29

Cofense, a U.S.-based email security company, released a new report about a massive QR code phishing campaign that targets numerous industries. QR codes are not often used in phishing campaigns; cybercriminals tend to use them more in day-to-day life, leaving QR codes in different places so curious people will scan them and possibly get scammed or infected by malware.

Major U.S. energy org targeted in QR code phishing attack
2023-08-16 14:16

A phishing campaign was observed predominantly targeting a notable energy company in the US, employing QR codes to slip malicious emails into inboxes and bypass security. According to Cofense, who spotted this campaign, this is the first time that QR codes have been used at this scale, indicating that more phishing actors may be testing their effectiveness as an attack vector.

Windows 11 23H2 getting an energy report with app's power usage
2023-07-22 18:55

Microsoft is making it easier to see how much energy your apps use in Windows 11 over a given period by introducing a detailed power consumption page in the latest 23H2 update. The power consumption page provides a comprehensive report of energy use over the last 24 hours or the last seven days.

Over 130,000 solar energy monitoring systems exposed online
2023-07-06 09:04

Security researchers are warning that tens of thousands of photovoltaic monitoring and diagnostic systems are reachable over the public web, making them potential targets for hackers. These systems are used for remote performance monitoring, troubleshooting, system optimization, and other functions to allow remote management of renewable energy production units.

RedEnergy Stealer-as-a-Ransomware Threat Targeting Energy and Telecom Sectors
2023-07-05 14:10

The malware "Possesses the ability to steal information from various browsers, enabling the exfiltration of sensitive data, while also incorporating different modules for carrying out ransomware activities," Zscaler researchers Shatak Jain and Gurkirat Singh said in a recent analysis. Following a successful breach, the malicious binary is used as a conduit to set up persistence, perform the actual browser update, and also drop a stealer capable of covertly harvesting sensitive information and encrypting the stolen files, leaving the victims at risk of potential data loss, exposure, or even the sale of their valuable data.

Siemens Energy confirms data breach after MOVEit data-theft attack
2023-06-27 18:11

Siemens Energy has confirmed that data was stolen during the recent Clop ransomware data-theft attacks using a zero-day vulnerability in the MOVEit Transfer platform.Today, Clop listed Siemens Energy on their data leak site, indicating that data was stolen during a breach on the company.

Suncor Energy cyberattack impacts Petro-Canada gas stations
2023-06-26 13:27

Petro-Canada gas stations across Canada are impacted by technical problems preventing customers from paying with credit card or rewards points as its parent company, Suncor Energy, discloses they suffered a cyberattack.Suncor Energy is the 48th-largest public company in the world, and one of Canada's largest synthetic crude producers, having an annual revenue of $31 billion.

How cybercriminals target energy companies
2023-06-15 04:30

In this Help Net Security video, Jim Simpson, Director of Threat Intelligence at Searchlight Cyber, discusses how cybercriminals employ specialized strategies when targeting energy companies. This is primarily due to the sensitive and valuable information these organizations hold and their critical role in infrastructure, making them particularly attractive for economic and geopolitical disruption.

Spotted: Suspected Russian malware designed to disrupt Euro, Asia energy grids
2023-05-25 21:07

Malware designed to disrupt electric power grids was likely developed by a Russian contractor, according to Mandiant's threat intel team that discovered the malicious software and dubbed it CosmicEnergy. The team say it's likely a contractor created the malware as a red-teaming tool for simulated power disruption exercises hosted by Rostelecom-Solar, a Russian cybersecurity company.